Last active
September 4, 2016 04:45
-
-
Save shinnok/dc1ab6e6a2852f0862b1 to your computer and use it in GitHub Desktop.
Block ads and trackers using the hosts(5) file on OS X
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Block ads and trackers using the HOSTS(5) file on OSX | |
# | |
# The script also has some pfsense fu, for more details on this script visit | |
# http://shinnok.com/rants/2015/04/05/blocking-ads-and-trackers-using-hosts/ | |
# | |
# Dependencies: | |
# * git | |
# * curl | |
# * links - the www text browser | |
PFSENSE=false | |
if [ "$1" == "--firewall" ] || [ "$1" == "-f" ]; then | |
PFSENSE=true | |
fi | |
if [ $(whoami) != "root" ] | |
then | |
echo "I'm not root. Please sudo." | |
exit 1 | |
fi | |
cd /etc/ | |
git status >/dev/null 2>&1 | |
if [ "$?" != "0" ] | |
then | |
echo "No git repository found in /etc/. Initializing one is seriously encouraged if you want to use this script." | |
exit 1 | |
fi | |
if [ ! -d "./hosts.d" ] | |
then | |
echo "Initializing hosts.d..." | |
mkdir ./hosts.d || exit 1 | |
cp ./hosts ./hosts.d/hosts.1.head || exit 1 | |
touch ./hosts.d/hosts.2.custom || exit 1 | |
echo "You can custom host lookup rules in /etc/hosts.d/hosts.2.custom." | |
fi | |
echo "Updating..." | |
type links >/dev/null 2>&1 || { echo >&2 "I need the links tool to parse html pages. Aborting."; exit 1; } | |
links -dump https://hosts.neocities.org/ | sed 's/^ *//' > /etc/hosts.d/hosts.3.adblock | |
cat /etc/hosts.d/* > /etc/hosts | |
if [ "$PFSENSE" == "true" ] | |
then | |
grep emerging-threats ./pf.conf > /dev/null | |
if [ "$?" != "0" ] | |
then | |
echo "Adding pf anchors..." | |
cat >> pf.conf <<END | |
anchor "ip-block" | |
load anchor "ip-block" from "/etc/pf.anchors/ip-block" | |
anchor "emerging-threats" | |
load anchor "emerging-threats" from "/etc/pf.anchors/emerging-threats" | |
END | |
cat > pf.anchors/ip-block <<END | |
table <ip_block> persist file "/etc/pf.rules/ip-block.pf" | |
block log quick from <ip_block> to any | |
block log quick from any to <ip_block> | |
END | |
touch ./pf.rules/ip-block.pf || exit 1 | |
echo "You can block individual ip addresses or ranges in /etc/pf.rules/ip-block.pf." | |
fi | |
curl http://rules.emergingthreats.net/fwrules/emerging-PF-ALL.rules -o /etc/pf.anchors/emerging-threats 2>/dev/null | |
fi | |
git diff --exit-code ./hosts ./pf.anchors | |
if [ "$?" == "0" ] | |
then | |
echo "No updates." | |
exit | |
fi | |
echo "Commit changes(y/n)?" | |
read response | |
if [ "$response" == "y" ] | |
then | |
git commit ./hosts ./hosts.d/ ./pf.anchors/ -m "Update hosts and pfsense block lists." | |
discoveryutil mdnsflushcache | |
discoveryutil udnsflushcaches | |
if [ "$PFSENSE" == "true" ]; then | |
pfctl -f /etc/pf.conf | |
fi | |
else | |
echo "Please investigate. Revert /etc/hosts if suspicious. Rules not pointing at 0.0.0.0 in /etc/hosts:" | |
grep -v -e ^0.0.0.0 -e ^# /etc/hosts | |
fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment